XrML keeps content under control

Rights management technologies enforce predetermined rules, or policies, designed to protect and control electronic content. They can dictate a variety of vital day-to-day operations on content, ranging from simple viewing and printing to editing and sharing. The proprietary formats of digital rights management has made it too difficult to share content with others. Yet many companies need rights management to solve the dual challenges of regulatory compliance and information leakage. To succeed, rights management must be able to protect content in its native format and share that information across the corporation.

Extensible Rights Markup Language (XrML) is an XML-based language that determines rights and conditions for the use of electronic content to protect it from unauthorized use. XrML is slated to become an International Standards Organization standard this quarter as the MPEG-21 Rights Expression Language and is undergoing a months-long standards review within the Organization for the Advancement of Structured Information Standards. Some vendors already include XrML in word processing, publishing, content management and other security software products.

XrML lets rights enforcement software outline access and usage policies for digital content in the form of licenses. XrML licenses define who can access the content, and how it is protected and distributed; and it controls detailed usage rights such as authorized printing and time-based permissions to perform certain operations. When an author protects content, which can be in the form of word documents, spreadsheet data or Web-based reports delivered in a browser or e-mails, the content is typically encrypted to prevent unauthorized access or tampering. Inside this encryption is a license or a pointer to the license on a policy server. When a reader tries to open the document, the application receives the license from the corporate license server, validates the user's authorization and enforces the usage privileges defined for that user.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Rights management technologies enforce predetermined rules, or policies, designed to protect and control electronic content. They can dictate a variety of vital day-to-day operations on content, ranging from simple viewing and printing to editing and sharing. The proprietary formats of digital rights management has made it too difficult to share content with others. Yet many companies need rights management to solve the dual challenges of regulatory compliance and information leakage. To succeed, rights management must be able to protect content in its native format and share that information across the corporation.

Extensible Rights Markup Language (XrML) is an XML-based language that determines rights and conditions for the use of electronic content to protect it from unauthorized use. XrML is slated to become an International Standards Organization standard this quarter as the MPEG-21 Rights Expression Language and is undergoing a months-long standards review within the Organization for the Advancement of Structured Information Standards. Some vendors already include XrML in word processing, publishing, content management and other security software products.

XrML lets rights enforcement software outline access and usage policies for digital content in the form of licenses. XrML licenses define who can access the content, and how it is protected and distributed; and it controls detailed usage rights such as authorized printing and time-based permissions to perform certain operations. When an author protects content, which can be in the form of word documents, spreadsheet data or Web-based reports delivered in a browser or e-mails, the content is typically encrypted to prevent unauthorized access or tampering. Inside this encryption is a license or a pointer to the license on a policy server. When a reader tries to open the document, the application receives the license from the corporate license server, validates the user's authorization and enforces the usage privileges defined for that user.

Any rights-enforcement software that supports the XrML standard can subsequently administer the XrML license. What's more, XrML lets users develop their own rights to meet specific or unique needs.